Vulnerability in FTPD

• Next message: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Previous message: Lars Eckberg: "Re: ADSL konfig."
• Next in thread: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Reply: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Maybe reply: Hroi Sigurdsson: "Re: Vulnerability in FTPD"
• Maybe reply: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

Date: Fri, 20 Apr 2001 12:27:08 +0200
From: Mads <none@mads--kanon.net.lh.bsd-dk.dk>
To: bsd-dk@bsd-dk.dk
Subject: Vulnerability in FTPD

  Hej liste..

  Jeg har lige laest den security advice som kom ud omkring:

  "globbing vulnerability in ftpd"

  Jeg har en temmelig aaben FTP server koerende paa FreeBSD 4.2, saa
  jeg skulle ha det omtalte problem. En gang har jeg observeret at
  nogen lavede et directory i mit aabne directory med en meget lang
  path. Noget der ligner:

  /ftp/upload/1mb/1mb/1mb/1mb/1mb/1mb/1mb/1mb/

  Kunne det maaske vaere nogen som proever at overbelaste min ftpd og
  komme ind den vej?

  Er der nogen som har set det foer? og hvad gjorde I saa?

  Det umiddelbare svar er selvfoelgelig at opgradere, men jeg taenkte
  at der maaske var nogen andre ideer?

  Mads

"-= Member of *BSD/Dk USER GROUP | http://www.bsd-dk.dk/ =- "

• Next message: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Previous message: Lars Eckberg: "Re: ADSL konfig."
• Next in thread: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Reply: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Maybe reply: Hroi Sigurdsson: "Re: Vulnerability in FTPD"
• Maybe reply: Laust S. Jespersen: "Re: Vulnerability in FTPD"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:06 CET